Return to search

RISCV Whisk: Unleashing the Power of Software Fuzzing on Hardware

In the hardware industry, the fabrication of a chip with hardware bugs represents a critical concern due to the permanent and irreversible nature of the process. The detection of bugs in intricate designs, such as those found in central processing units (CPUs), is a highly challenging and labor-intensive task, which leaves little margin for error. Modern CPU verification techniques often employ a blend of simulation, formal and emulation verification to guarantee the accuracy of the design. Although these methods are successful in identifying various types of design flaws, they still have some limitations. The biggest limitations is achieving comprehensive coverage of all conceivable scenarios and exceptional cases which may interrupt a core and put it in a halt state. We are presenting a design agnostic methodology involving a three-stage process for verification of a multi-core 32-bits RISC-V processor. This methodology leverages software fuzzing and utilizing state-of-the-art tools to analyze CPU's design after converting it into an equivalent software model. Our approach for hardware fuzzing incorporates the use of a sparse memory matrix as external memory to hold the inputs and state of the core, which are encountered during the fuzzing process. This approach has significantly increased the efficiency of our fuzzing process, enabling us to achieve a 609x improvement in the fuzzing rate compared to prevalent hardware fuzzing techniques. To further optimize our process, we precisely constrained the inputs of the fuzzer to provide only valid test scenarios, which eliminated the crash overhead of the fuzzer. By doing so, we have improved the accuracy of our testing results and reduced the time and resources required to analyze potential vulnerabilities. Our verification techniques are implemented using open-source tools, making our fast and cost-effective process accessible to a wide range of hardware engineers and security professionals. By leveraging the benefits of sparse memory and precise input constraints, our approach to hardware fuzzing offers a powerful and efficient tool for identifying potential hardware vulnerabilities and defects. / Master of Science / In the world of technology, computer chips play a crucial role in almost everything we do. These chips are designed to perform specific tasks and are used in a variety of devices, such as smartphones, computers, and gaming consoles. It's crucial that these chips are free of bugs or errors because even a small flaw can lead to disastrous consequences, such as system crashes, data loss, or even security breaches.
However, testing computer chips for bugs is a challenging and labor-intensive task, especially when it comes to complex designs like central processing units (CPUs). This is because CPUs are responsible for carrying out a wide range of operations and are made up of many intricate components, making it difficult to identify and fix any issues that arise during the testing process.
To overcome these challenges, engineers and researchers have developed various testing methods, including simulation, formal verification, and emulation verification. These methods are effective in identifying most types of design flaws, but they still have some limitations. For instance, they may not be able to cover all conceivable scenarios or exceptional cases that could cause a CPU to malfunction.
To address these limitations, we have developed a new testing method that leverages software fuzzing. Fuzzing is a technique in which millions of random inputs are given to the program to find unexpected behavior of the design. We are using state-of-the-art tools to analyze the CPU's design after converting it into an equivalent software model. This approach is called hardware fuzzing.
We have used a special memory system called a sparse memory matrix to implement hardware fuzzing. This system is used to hold the inputs and state of the CPU during the testing process. By doing this, we are able to increase the efficiency of the fuzzing process by 609x compared to other hardware fuzzing techniques. This means we can test the CPU much faster and more accurately than before.
To further optimize the process, we have constrained the inputs of the fuzzer to only include valid test scenarios. This eliminated the crash overhead of the fuzzer, which improved the accuracy of the testing results and reduced the time and resources required to analyze potential vulnerabilities.This new testing method is implemented using open-source tools, which makes it accessible to a wide range of hardware engineers and security professionals. In other words, anyone can use this method to test their CPU designs quickly and cost-effectively.

Identiferoai:union.ndltd.org:VTETD/oai:vtechworks.lib.vt.edu:10919/115880
Date30 June 2023
CreatorsSingh, Nandita
ContributorsElectrical and Computer Engineering, Hicks, Matthew, Xiong, Wenjie, Stavrou, Angelos
PublisherVirginia Tech
Source SetsVirginia Tech Theses and Dissertation
LanguageEnglish
Detected LanguageEnglish
TypeThesis
FormatETD, application/pdf
RightsIn Copyright, http://rightsstatements.org/vocab/InC/1.0/

Page generated in 0.0018 seconds